This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1rQSpSq9n0go-1sqt7J-jro-onw.roa File: 1rQSpSq9n0go-1sqt7J-jro-onw.roa (raw, json) Hash identifier: A170zOdDKUFR8OjpxSyTeADzDSsnK0kS+5cwO4467+4= Subject key identifier: D6:B4:12:A5:2A:BD:9F:48:28:FB:5B:2A:B7:B2:7E:8E:BA:3E:A2:7C Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd Certificate serial: 019B7BA3B1FC7DBAD02340B703ECA1FC6273 Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1rQSpSq9n0go-1sqt7J-jro-onw.roa Signing time: Thu 01 Jan 2026 22:18:04 +0000 ROA not before: Thu 01 Jan 2026 22:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149457 IP address blocks: 185.202.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:b1:fc:7d:ba:d0:23:40:b7:03:ec:a1:fc:62:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd Validity Not Before: Jan 1 22:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d6b412a52abd9f4828fb5b2ab7b27e8eba3ea27c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a7:75:cb:79:4d:1b:93:85:7a:dc:4b:97:2c: e0:66:9f:f7:ec:fc:e3:e5:24:26:ac:cc:29:5f:67: 43:6c:1c:5d:7e:47:70:13:f5:98:53:08:9b:9c:75: dc:23:89:f2:ec:cd:bd:39:82:38:85:76:f6:df:e8: c0:9d:3f:66:10:a9:c9:67:c6:06:6a:60:4b:7b:35: ed:35:ba:1b:a2:b4:b8:8a:11:ce:11:c4:c0:1d:e5: 2f:38:0d:c7:ef:2d:04:83:38:4d:2d:73:d6:c3:3b: 64:51:50:a1:5e:1a:16:b4:a0:e0:b9:4e:95:5f:07: ff:ab:f8:fa:a5:7b:8d:78:44:29:38:1d:a0:eb:cf: 82:fe:49:0f:09:2d:56:c3:44:06:f0:94:38:8d:5b: b1:8b:c9:5f:8d:4e:03:67:3e:69:99:82:64:73:12: ba:74:ef:39:bd:81:bb:f9:5d:32:c5:24:e0:ca:67: ab:97:fb:68:51:4c:5a:10:ff:bd:2d:be:e7:52:e7: 80:df:2e:92:40:ed:81:45:0e:78:b0:6e:44:b3:e4: fd:07:75:5a:7b:c5:b3:2b:d3:0a:09:e9:2c:19:f9: 51:3e:b8:cc:63:d2:df:f2:d7:15:d6:9e:a7:bc:b7: 0a:c6:af:11:bc:dd:e8:14:40:3a:40:7d:fb:e9:d2: 1c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B4:12:A5:2A:BD:9F:48:28:FB:5B:2A:B7:B2:7E:8E:BA:3E:A2:7C X509v3 Authority Key Identifier: keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1rQSpSq9n0go-1sqt7J-jro-onw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.202.102.0/24 Signature Algorithm: sha256WithRSAEncryption 63:8f:b1:75:22:20:46:c0:24:da:d2:f2:52:4b:98:fc:64:a1: fc:e3:00:e0:58:31:3c:fb:30:e1:4c:97:51:ba:b0:8e:e1:e3: 71:50:d3:db:c1:20:6b:8e:62:43:21:07:3c:b4:5e:a3:2b:ac: 76:89:48:80:19:68:b4:77:59:90:8b:c0:52:d1:b4:f2:14:ac: c3:92:02:d0:0b:23:4c:44:c8:4d:28:d7:34:a1:d1:3a:64:20: 9c:e7:3c:ac:f0:5c:bb:d1:46:d4:ad:b5:15:1d:3e:14:f2:1f: ba:91:13:06:ba:ba:b1:7e:e0:9b:7e:62:9e:4e:3a:0a:90:6a: 03:ee:d8:26:9a:07:6d:d2:53:14:3a:04:25:29:0d:eb:da:cb: e2:70:0a:b8:5e:d8:34:c1:77:e1:f8:1b:fd:2b:ad:4a:d6:19: b2:11:4c:9a:35:a5:64:ca:41:7f:12:2c:60:57:72:9c:bd:ac: 69:5c:53:f0:49:c8:e9:c6:9e:e5:16:df:80:aa:8e:f9:30:c1: 4a:59:db:69:40:75:e9:68:35:7a:de:0c:d7:45:89:ce:67:ed: b7:bc:30:1c:d0:31:50:fa:4f:81:73:8e:a1:6d:74:56:3d:dd: 02:3a:9f:3d:83:f8:70:8c:0f:bf:c7:af:9f:bf:61:e4:86:77: 2a:8d:80:ef -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o7H8fbrQI0C3A+yh/GJzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx NjM2Y2QwHhcNMjYwMTAxMjIxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNmI0MTJhNTJhYmQ5ZjQ4MjhmYjViMmFiN2IyN2U4ZWJhM2VhMjdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApad1y3lNG5OFetxLlyzgZp/37Pzj 5SQmrMwpX2dDbBxdfkdwE/WYUwibnHXcI4ny7M29OYI4hXb23+jAnT9mEKnJZ8YG amBLezXtNboborS4ihHOEcTAHeUvOA3H7y0EgzhNLXPWwztkUVChXhoWtKDguU6V Xwf/q/j6pXuNeEQpOB2g68+C/kkPCS1Ww0QG8JQ4jVuxi8lfjU4DZz5pmYJkcxK6 dO85vYG7+V0yxSTgymerl/toUUxaEP+9Lb7nUueA3y6SQO2BRQ54sG5Es+T9B3Va e8WzK9MKCeksGflRPrjMY9Lf8tcV1p6nvLcKxq8RvN3oFEA6QH376dIcKwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNa0EqUqvZ9IKPtbKreyfo66PqJ8MB8GA1UdIwQY MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt YWU1MDI3MzY4MWE3LzEvMXJRU3BTcTluMGdvLTFzcXQ3Si1qcm8tb253LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3 LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpmMA0G CSqGSIb3DQEBCwUAA4IBAQBjj7F1IiBGwCTa0vJSS5j8ZKH84wDgWDE8+zDhTJdR urCO4eNxUNPbwSBrjmJDIQc8tF6jK6x2iUiAGWi0d1mQi8BS0bTyFKzDkgLQCyNM RMhNKNc0odE6ZCCc5zys8Fy70UbUrbUVHT4U8h+6kRMGurqxfuCbfmKeTjoKkGoD 7tgmmgdt0lMUOgQlKQ3r2svicAq4Xtg0wXfh+Bv9K61K1hmyEUyaNaVkykF/Eixg V3KcvaxpXFPwScjpxp7lFt+Aqo75MMFKWdtpQHXpaDV63gzXRYnOZ+23vDAc0DFQ +k+Bc46hbXRWPd0COp89g/hwjA+/x6+fv2HkhncqjYDv -----END CERTIFICATE-----Generated at Sun Jan 25 15:37:10 2026 by rpki-client